Time To Work Together To Protect All Credit Unions

I hate the snow and I hate the cold, so it’s only logical that I ended up living in the Northeast. I would love to ignore the snow coming down faster than President Obama’s poll ratings but I know that at some point I’m going to have to fire up the snow blower and deal with the mess.

Similarly, credit unions face a systemic threat that they can’t wish away. My concern is that the threat posed by hackers is as great a risk to the viability of small credit unions as more commonly voiced concerns such as regulatory burden. The bottom line is this: larger institutions will be able to absorb the cost of inevitable cybercrime and make the investments to at least put hurdles in the way of hackers. Smaller institutions simply don’t have the means at their disposal. As members become more cognizant of these risks, their willingness to continue to use the small town institution will fade away.

Think this is just a depressing diagnosis from a snow-hating guy who has only had one cup of coffee?
It was disclosed yesterday that the Target breach continued for days after Target thought it had identified and dealt with the problem. If the technology can outfox a company as large as Target under intense public scrutiny, does your friendly neighborhood credit union really stand a chance when hackers look to exploit vulnerabilities in your IT system?

Fortunately, even without needed legislative reforms, there are some basic steps that can be taken to guard against this trend. Let’s start leveraging our IT expertise. If the industry pulls together its IT services into a single network to facilitate back office processes, this won’t prevent data breaches but it will make it cost effective for smaller institutions to invest in the type of sophisticated IT that is going to become an invaluable component of future growth.

Second, a successful IT Department is going to have to be integrated with a robust compliance program. For instance, you could have the best disclosures in the world but if they are not properly displayed on your online banking service, you haven’t accomplished a thing. So let’s start thinking seriously about pulling together compliance resources. This model has already been in use in states like Georgia where the league association hires compliance people paid for by a group of credit unions. Let’s stop being penny wise and pound foolish when it comes to basic investments in technological infrastructure and let’s start truly cooperating when it comes to developing the type of back-office infrastructure that can benefit all credit unions. Think of it as a corporate system for the 21st Century.